<!DOCTYPE html>
<html lang="zh-CN">
<head>
  <meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=2">
<meta name="theme-color" content="#222">
<meta name="generator" content="Hexo 7.3.0">
  <link rel="apple-touch-icon" sizes="180x180" href="/images/apple-touch-icon-next.png">
  <link rel="icon" type="image/png" sizes="32x32" href="/images/favicon-32x32-next.png">
  <link rel="icon" type="image/png" sizes="16x16" href="/images/favicon-16x16-next.png">
  <link rel="mask-icon" href="/images/logo.svg" color="#222">

<link rel="stylesheet" href="/css/main.css">

<link rel="stylesheet" href="//fonts.googleapis.com/css?family=ZCOOL XiaoWei:300,300italic,400,400italic,700,700italic&display=swap&subset=latin,latin-ext">
<link rel="stylesheet" href="/lib/font-awesome/css/all.min.css">

<script id="hexo-configurations">
    var NexT = window.NexT || {};
    var CONFIG = {"hostname":"czchenzhan.github.io","root":"/","scheme":"Pisces","version":"7.8.0","exturl":false,"sidebar":{"position":"left","display":"post","padding":18,"offset":12,"onmobile":false},"copycode":{"enable":false,"show_result":false,"style":null},"back2top":{"enable":true,"sidebar":false,"scrollpercent":false},"bookmark":{"enable":false,"color":"#222","save":"auto"},"fancybox":false,"mediumzoom":false,"lazyload":false,"pangu":false,"comments":{"style":"tabs","active":null,"storage":true,"lazyload":false,"nav":null},"algolia":{"hits":{"per_page":10},"labels":{"input_placeholder":"Search for Posts","hits_empty":"We didn't find any results for the search: ${query}","hits_stats":"${hits} results found in ${time} ms"}},"localsearch":{"enable":true,"trigger":"auto","top_n_per_article":10,"unescape":true,"preload":false},"motion":{"enable":true,"async":false,"transition":{"post_block":"fadeIn","post_header":"slideDownIn","post_body":"slideDownIn","coll_header":"slideLeftIn","sidebar":"slideUpIn"}},"path":"./public/search.xml"};
  </script>

  <meta name="description" content="概述&emsp;&emsp;此文用于记录学习 HackTheBox 网站中 Path: Junior Cyber security Analyst 获得的知识点。ƪ(˘⌣˘)ʃ">
<meta property="og:type" content="article">
<meta property="og:title" content="HackTheBox-JuniorCybersecurityAnalyst">
<meta property="og:url" content="https://czchenzhan.github.io/2025/09/09/HackTheBox-JuniorCybersecurityAnalyst/index.html">
<meta property="og:site_name" content="陈展的博客">
<meta property="og:description" content="概述&emsp;&emsp;此文用于记录学习 HackTheBox 网站中 Path: Junior Cyber security Analyst 获得的知识点。ƪ(˘⌣˘)ʃ">
<meta property="og:locale" content="zh_CN">
<meta property="og:image" content="https://czchenzhan.github.io/2025/09/09/HackTheBox-JuniorCybersecurityAnalyst/Network.png">
<meta property="og:image" content="https://czchenzhan.github.io/2025/09/09/HackTheBox-JuniorCybersecurityAnalyst/OSIModel.png">
<meta property="og:image" content="https://czchenzhan.github.io/2025/09/09/HackTheBox-JuniorCybersecurityAnalyst/TCP-IPModel.png">
<meta property="og:image" content="https://czchenzhan.github.io/2025/09/09/HackTheBox-JuniorCybersecurityAnalyst/IP-MAC.png">
<meta property="og:image" content="https://czchenzhan.github.io/2025/09/09/HackTheBox-JuniorCybersecurityAnalyst/ContinueDHCP.png">
<meta property="article:published_time" content="2025-09-08T16:00:00.000Z">
<meta property="article:modified_time" content="2025-09-10T05:45:20.910Z">
<meta property="article:author" content="作者：陈展">
<meta property="article:tag" content="HackTheBox Learning">
<meta name="twitter:card" content="summary">
<meta name="twitter:image" content="https://czchenzhan.github.io/2025/09/09/HackTheBox-JuniorCybersecurityAnalyst/Network.png">

<link rel="canonical" href="https://czchenzhan.github.io/2025/09/09/HackTheBox-JuniorCybersecurityAnalyst/">


<script id="page-configurations">
  // https://hexo.io/docs/variables.html
  CONFIG.page = {
    sidebar: "",
    isHome : false,
    isPost : true,
    lang   : 'zh-CN'
  };
</script>

  <title>HackTheBox-JuniorCybersecurityAnalyst | 陈展的博客</title>
  






  <noscript>
  <style>
  .use-motion .brand,
  .use-motion .menu-item,
  .sidebar-inner,
  .use-motion .post-block,
  .use-motion .pagination,
  .use-motion .comments,
  .use-motion .post-header,
  .use-motion .post-body,
  .use-motion .collection-header { opacity: initial; }

  .use-motion .site-title,
  .use-motion .site-subtitle {
    opacity: initial;
    top: initial;
  }

  .use-motion .logo-line-before i { left: initial; }
  .use-motion .logo-line-after i { right: initial; }
  </style>
</noscript>

</head>

<body itemscope itemtype="http://schema.org/WebPage">
  <div class="container use-motion">
    <div class="headband"></div>


    


    <main class="main">
      <div class="main-inner">
        <div class="content-wrap">
          

          <div class="content post posts-expand">
            

    
  
  
  <article itemscope itemtype="http://schema.org/Article" class="post-block" lang="zh-CN">
    <link itemprop="mainEntityOfPage" href="https://czchenzhan.github.io/2025/09/09/HackTheBox-JuniorCybersecurityAnalyst/">

    <span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
      <meta itemprop="image" content="/images/avatar.gif">
      <meta itemprop="name" content="作者：陈展">
      <meta itemprop="description" content="欢迎到访">
    </span>

    <span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
      <meta itemprop="name" content="陈展的博客">
    </span>
      <header class="post-header">
        <h1 class="post-title" itemprop="name headline">
          HackTheBox-JuniorCybersecurityAnalyst
        </h1>

        <div class="post-meta">
            <span class="post-meta-item">
              <span class="post-meta-item-icon">
                <i class="far fa-calendar"></i>
              </span>
              <span class="post-meta-item-text">发表于</span>

              <time title="创建时间：2025-09-09 00:00:00" itemprop="dateCreated datePublished" datetime="2025-09-09T00:00:00+08:00">2025-09-09</time>
            </span>
              <span class="post-meta-item">
                <span class="post-meta-item-icon">
                  <i class="far fa-calendar-check"></i>
                </span>
                <span class="post-meta-item-text">更新于</span>
                <time title="修改时间：2025-09-10 13:45:20" itemprop="dateModified" datetime="2025-09-10T13:45:20+08:00">2025-09-10</time>
              </span>
            <span class="post-meta-item">
              <span class="post-meta-item-icon">
                <i class="far fa-folder"></i>
              </span>
              <span class="post-meta-item-text">分类于</span>
                <span itemprop="about" itemscope itemtype="http://schema.org/Thing">
                  <a href="/categories/Web-Security/" itemprop="url" rel="index"><span itemprop="name">Web Security</span></a>
                </span>
            </span>

          

        </div>
      </header>

    
    
    
    <div class="post-body" itemprop="articleBody">

      
        <h1 id="概述"><a href="#概述" class="headerlink" title="概述"></a>概述</h1><p>&emsp;&emsp;此文用于记录学习 HackTheBox 网站中 Path: Junior Cyber security Analyst 获得的知识点。ƪ(˘⌣˘)ʃ</p>
<span id="more"></span>

<!-- toc -->

<h1 id="Path’s-Modules"><a href="#Path’s-Modules" class="headerlink" title="Path’s Modules"></a>Path’s Modules</h1><h2 id="Module-1-Introduction-to-Information-Security"><a href="#Module-1-Introduction-to-Information-Security" class="headerlink" title="Module 1: Introduction to Information Security"></a>Module 1: Introduction to Information Security</h2><h4 id="Section-1-Structure-of-InfoSec"><a href="#Section-1-Structure-of-InfoSec" class="headerlink" title="Section 1: Structure of InfoSec"></a>Section 1: Structure of InfoSec</h4><h4 id="Section-2-Principles-of-Information-Security"><a href="#Section-2-Principles-of-Information-Security" class="headerlink" title="Section 2: Principles of Information Security"></a>Section 2: Principles of Information Security</h4><h4 id="Section-3-Network-Security"><a href="#Section-3-Network-Security" class="headerlink" title="Section 3: Network Security"></a>Section 3: Network Security</h4><h4 id="Section-4-Application-Security"><a href="#Section-4-Application-Security" class="headerlink" title="Section 4: Application Security"></a>Section 4: Application Security</h4><p>&emsp;&emsp;<code>CIA</code>：confidentiality, integrity, and availability，机密性、完整性与可用性。</p>
<h4 id="Section-5-Operational-Security"><a href="#Section-5-Operational-Security" class="headerlink" title="Section 5: Operational Security"></a>Section 5: Operational Security</h4><h4 id="Section-6-Disaster-Recovery-and-Business-Continuity"><a href="#Section-6-Disaster-Recovery-and-Business-Continuity" class="headerlink" title="Section 6: Disaster Recovery and Business Continuity"></a>Section 6: Disaster Recovery and Business Continuity</h4><p>&emsp;&emsp;<code>DR/BC</code>：Disaster Recovery&#x2F;Business Continuity，灾难恢复&#x2F;业务连续性。</p>
<h4 id="Section-7-Cloud-Security"><a href="#Section-7-Cloud-Security" class="headerlink" title="Section 7: Cloud Security"></a>Section 7: Cloud Security</h4><h4 id="Section-8-Physical-Security"><a href="#Section-8-Physical-Security" class="headerlink" title="Section 8: Physical Security"></a>Section 8: Physical Security</h4><h4 id="Section-9-Mobile-Security"><a href="#Section-9-Mobile-Security" class="headerlink" title="Section 9: Mobile Security"></a>Section 9: Mobile Security</h4><h4 id="Section-10-Internet-of-Things-Security"><a href="#Section-10-Internet-of-Things-Security" class="headerlink" title="Section 10: Internet of Things Security"></a>Section 10: Internet of Things Security</h4><h4 id="Section-11-Distributed-Denial-of-Service"><a href="#Section-11-Distributed-Denial-of-Service" class="headerlink" title="Section 11: Distributed Denial of Service"></a>Section 11: Distributed Denial of Service</h4><p>&emsp;&emsp;<code>DDoS</code>：Distributed Denial of Service，分布式拒绝服务。</p>
<h4 id="Section-12-Ransomware"><a href="#Section-12-Ransomware" class="headerlink" title="Section 12: Ransomware"></a>Section 12: Ransomware</h4><h4 id="Section-13-Social-Engineering"><a href="#Section-13-Social-Engineering" class="headerlink" title="Section 13: Social Engineering"></a>Section 13: Social Engineering</h4><h4 id="Section-14-Insider-Threat"><a href="#Section-14-Insider-Threat" class="headerlink" title="Section 14: Insider Threat"></a>Section 14: Insider Threat</h4><h4 id="Section-15-Advanced-Persistent-Threats"><a href="#Section-15-Advanced-Persistent-Threats" class="headerlink" title="Section 15: Advanced Persistent Threats"></a>Section 15: Advanced Persistent Threats</h4><p>&emsp;&emsp;<code>APT</code>：Advanced Persistent Threats，高级持续性威胁。</p>
<h4 id="Section-16-Threat-Actors"><a href="#Section-16-Threat-Actors" class="headerlink" title="Section 16: Threat Actors"></a>Section 16: Threat Actors</h4><h4 id="Section-17-Red-Team"><a href="#Section-17-Red-Team" class="headerlink" title="Section 17: Red Team"></a>Section 17: Red Team</h4><h4 id="Section-18-Blue-Team"><a href="#Section-18-Blue-Team" class="headerlink" title="Section 18: Blue Team"></a>Section 18: Blue Team</h4><h4 id="Section-19-Purple-Team"><a href="#Section-19-Purple-Team" class="headerlink" title="Section 19: Purple Team"></a>Section 19: Purple Team</h4><h4 id="Section-20-Chief-Information-Security-Officer"><a href="#Section-20-Chief-Information-Security-Officer" class="headerlink" title="Section 20: Chief Information Security Officer"></a>Section 20: Chief Information Security Officer</h4><p>&emsp;&emsp;<code>CISO</code>：Chief Information Security Officer，首席信息安全官。</p>
<h4 id="Section-21-Penetration-Testers"><a href="#Section-21-Penetration-Testers" class="headerlink" title="Section 21: Penetration Testers"></a>Section 21: Penetration Testers</h4><h4 id="Section-22-Security-Operations-Center"><a href="#Section-22-Security-Operations-Center" class="headerlink" title="Section 22: Security Operations Center"></a>Section 22: Security Operations Center</h4><p>&emsp;&emsp;<code>SOC</code>：Security Operations Center，安全运营中心。</p>
<h4 id="Section-23-Bug-Bounty-Hunter"><a href="#Section-23-Bug-Bounty-Hunter" class="headerlink" title="Section 23: Bug Bounty Hunter"></a>Section 23: Bug Bounty Hunter</h4><h4 id="Section-24-Recommendations"><a href="#Section-24-Recommendations" class="headerlink" title="Section 24: Recommendations"></a>Section 24: Recommendations</h4><h2 id="Module-2-Network-Foundations"><a href="#Module-2-Network-Foundations" class="headerlink" title="Module 2: Network Foundations"></a>Module 2: Network Foundations</h2><h4 id="Section-1-Introduction-to-Networks"><a href="#Section-1-Introduction-to-Networks" class="headerlink" title="Section 1:Introduction to Networks"></a>Section 1:Introduction to Networks</h4><p>&emsp;&emsp;<code>LAN/WAN</code>：局域网&#x2F;广域网。</p>
<p>&emsp;&emsp;<code>什么是网络？</code>：网络是可以互相通信、接发数据的设备的集合，其主要有以下部分构成：</p>
<table>
<thead>
<tr>
<th align="center">概念</th>
<th align="center">描述</th>
</tr>
</thead>
<tbody><tr>
<td align="center">Nodes</td>
<td align="center">连接到网络的单个设备</td>
</tr>
<tr>
<td align="center">Links</td>
<td align="center">连接两个 Node 的通信路径</td>
</tr>
<tr>
<td align="center">Data Sharing</td>
<td align="center">网络的目的是实现设备间的数据交换</td>
</tr>
</tbody></table>
<p>&emsp;&emsp;<code>局域网</code>：小范围的网络，连接短距离内的设备，其具有以下特点：</p>
<table>
<thead>
<tr>
<th align="center">特点</th>
<th align="center">描述</th>
</tr>
</thead>
<tbody><tr>
<td align="center">Geographical Scope</td>
<td align="center">占地面积小</td>
</tr>
<tr>
<td align="center">Ownership</td>
<td align="center">通常属于个人或单个组织</td>
</tr>
<tr>
<td align="center">Speed</td>
<td align="center">数据的传输速率高</td>
</tr>
<tr>
<td align="center">Media</td>
<td align="center">通信路径连接的媒体，通常是以太网电缆或 Wi-Fi</td>
</tr>
</tbody></table>
<p>&emsp;&emsp;<code>广域网</code>：连接多个局域网的网络，最大的即是互联网，较局域网而言，数据传输较慢、通信路径载体多为光纤、卫星等。</p>
<p>&emsp;&emsp;以如下图展示局域网及广域网的基本结构：</p>
<p><img src="/2025/09/09/HackTheBox-JuniorCybersecurityAnalyst/Network.png" title="Network"></p>
<h4 id="Section-2-Network-Concepts"><a href="#Section-2-Network-Concepts" class="headerlink" title="Section 2: Network Concepts"></a>Section 2: Network Concepts</h4><p>&emsp;&emsp;<code>OSI Model</code>：Open Systems Interconnection Model，将电信或计算系统的功能标准化为七个抽象层。</p>
<p><img src="/2025/09/09/HackTheBox-JuniorCybersecurityAnalyst/OSIModel.png" title="OSIModel"></p>
<table>
<thead>
<tr>
<th align="center">抽象层</th>
<th>描述</th>
</tr>
</thead>
<tbody><tr>
<td align="center">物理层</td>
<td>&emsp;&emsp;负责在物理介质上传输原始比特流，处理设备之间的物理连接，包括以太网电缆、集线器、中继器等硬件组件。</td>
</tr>
<tr>
<td align="center">数据链路层</td>
<td>&emsp;&emsp;提供节点到节点的数据传输，确保数据帧的同步、错误检测与纠正。交换机和网桥工作在该层，使用 MAC 地址识别网络设备。</td>
</tr>
<tr>
<td align="center">网络层</td>
<td>&emsp;&emsp;负责分组转发和路由选择，使用 IP 地址进行逻辑寻址，确保数据能跨越多个网络到达正确的目的地。路由器在该层工作。</td>
</tr>
<tr>
<td align="center">传输层</td>
<td>&emsp;&emsp;提供端到端通信服务，负责数据的可靠或不可靠传输、分段、重组、流量控制和错误校验。常用协议有 TCP（可靠、面向连接）和 UDP（快速、无连接）。</td>
</tr>
<tr>
<td align="center">会话层</td>
<td>&emsp;&emsp;管理应用之间的会话，负责建立、维护和终止连接，并支持会话检查点与恢复，保证中断后通信可恢复。</td>
</tr>
<tr>
<td align="center">表示层</td>
<td>&emsp;&emsp;作为应用层与网络格式之间的翻译者，处理数据表示、加密解密、压缩和格式转换，保证跨系统数据可读。</td>
</tr>
<tr>
<td align="center">应用层</td>
<td>&emsp;&emsp;直接为终端用户应用提供网络服务，如资源共享、远程文件访问。常见协议包括 HTTP、FTP、SMTP、DNS 等。</td>
</tr>
</tbody></table>
<p>&emsp;&emsp;<code>TCP/IP Model</code>：Transmission Control Protocol&#x2F;Internet Protocol Model，简化 OSI Model 为四层。</p>
<p><img src="/2025/09/09/HackTheBox-JuniorCybersecurityAnalyst/TCP-IPModel.png" title="TCP-IPModel"></p>
<table>
<thead>
<tr>
<th align="center">抽象层</th>
<th>描述</th>
</tr>
</thead>
<tbody><tr>
<td align="center">链路层</td>
<td>&emsp;&emsp;负责处理网络硬件和介质的物理方面，包括以太网（有线）和 Wi-Fi（无线）等技术。对应 OSI 模型的物理层和数据链路层，涵盖从物理连接到数据帧的处理。</td>
</tr>
<tr>
<td align="center">网际层</td>
<td>&emsp;&emsp;负责设备的逻辑寻址和跨网络的数据包路由，常用协议有 IP（互联网协议）、ICMP（互联网控制报文协议）。确保数据包通过逻辑路径到达正确目的地，对应 OSI 网络层。</td>
</tr>
<tr>
<td align="center">传输层</td>
<td>&emsp;&emsp;提供端到端通信服务，确保数据包按序且无误传递。TCP 提供可靠、面向连接的通信，UDP 提供快速、无连接的服务。对应 OSI 传输层。</td>
</tr>
<tr>
<td align="center">应用层</td>
<td>&emsp;&emsp;包含直接为应用提供服务的协议，如 HTTP（网页浏览）、FTP（文件传输）、SMTP（电子邮件）。对应 OSI 的会话层、表示层和应用层，提供数据交换的接口与协议。</td>
</tr>
</tbody></table>
<p>&emsp;&emsp;<code>网络传输</code>：即指通过介质将数据信号从一台设备发送到另一台设备的过程。</p>
<p>&emsp;&emsp;<code>传输类型</code>：分为模拟和数字两种，模拟传输使用连续变化的波形传输信息，多用于无线电广播；数字传输使用 0&#x2F;1 比特位传输信息，多用于计算机网络中。</p>
<p>&emsp;&emsp;<code>传输模式</code>：分为 Simplex、Half-duplex 和 Full-duplex三种模式。</p>
<table>
<thead>
<tr>
<th align="center">模式</th>
<th align="center">描述</th>
<th align="center">示例</th>
</tr>
</thead>
<tbody><tr>
<td align="center">Simplex，单工</td>
<td align="center">仅允许单向通信</td>
<td align="center">键盘到计算机</td>
</tr>
<tr>
<td align="center">Half-duplex，半双工</td>
<td align="center">允许双向通信，但不能同时进行</td>
<td align="center">对讲机通话</td>
</tr>
<tr>
<td align="center">Full-duplex，全双工</td>
<td align="center">支持双向同时通信</td>
<td align="center">电话通话</td>
</tr>
</tbody></table>
<p>&emsp;&emsp;<code>传输介质</code>：在网络中传输数据的物理方式，有线（光纤等）或无线（Wi-Fi、红外遥控器等）。</p>
<h4 id="Section-3-Components-of-a-Network"><a href="#Section-3-Components-of-a-Network" class="headerlink" title="Section 3: Components of a Network"></a>Section 3: Components of a Network</h4><p>&emsp;&emsp;<code>网络组件</code>：分为以下四部分：End Devices，终端设备；Intermediary Devices，中间设备；Network Media and Software Components，网络媒体和软件组件；Servers，服务器。</p>
<p>&emsp;&emsp;<code>End Devices</code>：接发数据的设备，电脑、手机、平板均是。</p>
<p>&emsp;&emsp;<code>Intermediary Devices</code>：主要介绍三种，网卡、路由器和交换机：</p>
<table>
<thead>
<tr>
<th align="center">中间设备</th>
<th>描述</th>
</tr>
</thead>
<tbody><tr>
<td align="center">Network Interface Cards（NICs），网络接口卡</td>
<td>&emsp;&emsp;用于连接到网络，如通过电缆连接的以太网卡，或者是利用无线电波的 Wi-Fi 适配器。每个网卡拥有一个 MAC地址。</td>
</tr>
<tr>
<td align="center">Routers，路由器</td>
<td>&emsp;&emsp;读取数据包中的网络地址信息以确定其目的地，使用路由表和路由协议（如 <code>Open Shortest Path First (OSPF)</code>）来查找数据传递的最有效路径。</td>
</tr>
<tr>
<td align="center">Switches，交换机</td>
<td>&emsp;&emsp;连接同一网络内的多个设备，使用 MAC 地址仅将数据转发给预期的接收者，比如员工发送资料至打印机。</td>
</tr>
</tbody></table>
<p>&emsp;&emsp;<code>Network Media and Software Components</code>：网络媒体（电缆和连接线）和网络协议（如 TCP&#x2F;IP 等）不再说明，主要说明软件防火墙：</p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br></pre></td><td class="code"><pre><span class="line">Software Firewalls</span><br><span class="line">- 特点</span><br><span class="line">  1、安装在单个计算机或设备上的安全应用程序</span><br><span class="line">  2、对单个设备起作用</span><br><span class="line">- 作用</span><br><span class="line">  1、防止未经授权的访问</span><br><span class="line">  2、拒绝包含可疑或恶意数据的传入数据包</span><br><span class="line">  3、限制某些应用程序或服务的访问</span><br></pre></td></tr></table></figure>

<p>&emsp;&emsp;<code>Servers</code>：服务器通常运行专门的操作系统，这些操作系统经过优化，以处理多个同时请求。</p>
<h4 id="Section-4-Network-Communication"><a href="#Section-4-Network-Communication" class="headerlink" title="Section 4: Network Communication"></a>Section 4: Network Communication</h4><p>&emsp;&emsp;<code>MAC Address</code>：每个 MAC 地址长 48 位，通常以十六进制格式表示，显示为六对十六进制数字，用冒号或连字符分隔，例如 <code>00:1A:2B:3C:4D:5E</code>。其前 24 位是分配给制造商的 <code>Organizationally Unique Identifier (OUI)</code>（组织唯一标识符），而其余 24 位则特定于单个设备。</p>
<p>&emsp;&emsp;<code>MAC 地址的使用</code>：MAC 地址是局域网内本地通信的基础，用于将数据帧传送到正确的物理设备，其具体通信过程如下：</p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br></pre></td><td class="code"><pre><span class="line">data + destination MAC -&gt; a data frame</span><br><span class="line">a data frame -&gt; switches =&gt; get destination MAC</span><br><span class="line">switch send the frame -&gt; right port</span><br></pre></td></tr></table></figure>

<p>&emsp;&emsp;此外，还可以通过 Address Resolution Protocol（ARP）协议将 IP 地址映射到 MAC 地址，允许设备找到与同一网络内已知 IP 地址关联的 MAC 地址，如下图所示：</p>
<p><img src="/2025/09/09/HackTheBox-JuniorCybersecurityAnalyst/IP-MAC.png" title="IP-MAC"></p>
<p>&emsp;&emsp;<code>IP/Port</code>：具体格式不再解释，这里记录一个查看本机正在侦听的端口及网络连接的指令：<strong>netstat</strong>。</p>
<p>&emsp;&emsp;<code>访问网站的具体步骤</code>：如下所示</p>
<figure class="highlight plaintext"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line">1、输入目标域名 A</span><br><span class="line">2、计算机进行 DNS 查找，将域名解析为 IP：B</span><br><span class="line">3、生成 HTTP 请求包，指定端口 80（HTTP）或 443（HTTPS），请求包包括目标 IP B</span><br><span class="line">4、使用 ARP 查找默认网关（路由器）的 MAC：C</span><br><span class="line">5、data frame -&gt; C -&gt; B/80</span><br><span class="line">6、服务器接收请求，反向以相同方式传回响应信息</span><br></pre></td></tr></table></figure>

<h4 id="Section-5-Dynamic-Host-Configuration-Protocol-DHCP"><a href="#Section-5-Dynamic-Host-Configuration-Protocol-DHCP" class="headerlink" title="Section 5: Dynamic Host Configuration Protocol (DHCP)"></a>Section 5: Dynamic Host Configuration Protocol (DHCP)</h4><p>&emsp;&emsp;<code>DHCP 简介</code>：自动执行在 IP 网络上配置设备的过程。它允许设备自动接收 IP 地址和其他网络配置参数，例如子网掩码、默认网关和 DNS 服务器。</p>
<p>&emsp;&emsp;<code>DHCP roles</code>：即 DHCP Server 和 DHCP Client：</p>
<table>
<thead>
<tr>
<th align="center">角色</th>
<th>描述</th>
</tr>
</thead>
<tbody><tr>
<td align="center">DHCP Server</td>
<td>&emsp;&emsp;管理 IP 地址分配的网络设备（如路由器），维护一个可用 IP 地址和配置参数的池。</td>
</tr>
<tr>
<td align="center">DHCP Client</td>
<td>&emsp;&emsp;连接到网络并从 DHCP 服务器请求网络配置参数的任何设备。</td>
</tr>
</tbody></table>
<p>&emsp;&emsp;<code>DHCP 工作原理</code>：称为 DORA， 即 Discover、Offer、Request 和 Acknowledge.</p>
<table>
<thead>
<tr>
<th align="center">步骤</th>
<th>描述</th>
</tr>
</thead>
<tbody><tr>
<td align="center">Discover（发现）</td>
<td>&emsp;&emsp;当设备连接到网络时，它会广播 DHCP Discovery 消息以查找可用的 DHCP 服务器。</td>
</tr>
<tr>
<td align="center">Offer（提供）</td>
<td>&emsp;&emsp;网络上的 DHCP 服务器接收发现消息并使用 DHCP Offer 消息进行响应，向客户端建议 IP 地址租约。</td>
</tr>
<tr>
<td align="center">Request（请求）</td>
<td>&emsp;&emsp;客户端收到 Offer 后回复 DHCP Request 消息，表明它接受所提供的 IP 地址。</td>
</tr>
<tr>
<td align="center">Acknowledge（确认）</td>
<td>&emsp;&emsp;DHCP 服务器发送 DHCP Acknowledge 消息，确认已为客户端分配了 IP 地址。客户端现在可以使用该 IP 地址在网络上进行通信。</td>
</tr>
</tbody></table>
<p>&emsp;&emsp;在租约到期之前，客户端必须主动尝试续订其 IP 地址租约，即向 DHCP 服务器发送续订请求。当租约接近到期时，客户端与 DHCP 服务器通信，询问是否可以继续使用已分配的 IP 地址；服务器可以给出肯定答复，从而延长租约。</p>
<p><img src="/2025/09/09/HackTheBox-JuniorCybersecurityAnalyst/ContinueDHCP.png" title="ContinueDHCP"></p>

    </div>

    
    
    

      <footer class="post-footer">
          <div class="post-tags">
              <a href="/tags/HackTheBox-Learning/" rel="tag"># HackTheBox Learning</a>
          </div>

        


        
      </footer>
    
  </article>
  
  
  



          </div>
          


        </div>
          
  


      </div>
    </main>

    <footer class="footer">
      <div class="footer-inner">
        

        

<div class="copyright">
  
  &copy; 
  <span itemprop="copyrightYear">2025</span>
  <span class="with-love">
    <i class="fa fa-heart"></i>
  </span>
  <span class="author" itemprop="copyrightHolder">作者：陈展</span>
</div>

        








      </div>
    </footer>
  </div>

  
  <script src="/lib/anime.min.js"></script>
  <script src="/lib/velocity/velocity.min.js"></script>
  <script src="/lib/velocity/velocity.ui.min.js"></script>

<script src="/js/utils.js"></script>

<script src="/js/motion.js"></script>


<script src="/js/schemes/pisces.js"></script>


<script src="/js/next-boot.js"></script>




  




  
<script src="/js/local-search.js"></script>













  

  

</body>
</html>
